Uncategorized

Lost Military Backup Tapes Results in HIPAA Violation Affecting 4.9 Million

onlinetech
onlinetech
3 Min Read

The most recent HIPAA violator appears to be a contractor for the Pentagon. TRICARE, the Defense Department’s healthcare program, reported what may be the largest health information breach documented in HIPAA history since the HITECH Act was established in 2009. Nearly 4.9 million patients of San Antonio area military hospitals and clinics have been affected by the loss of data backup tapes. These tapes contained an archive of sensitive information dating from Sept. 7, 2011, back to 1992.

The most recent HIPAA violator appears to be a contractor for the Pentagon. TRICARE, the Defense Department’s healthcare program, reported what may be the largest health information breach documented in HIPAA history since the HITECH Act was established in 2009. Nearly 4.9 million patients of San Antonio area military hospitals and clinics have been affected by the loss of data backup tapes. These tapes contained an archive of sensitive information dating from Sept. 7, 2011, back to 1992.

While an ongoing investigation takes place, the only details released include what kind of data lost (personally identifiable sensitive information and protected health information, including SSNs, names, addresses, clinical notes, lab tests and prescriptions), as well as the fact that the backup tapes were not encrypted. Although breaches of encrypted data do not have to be reported, it is still a recommended best practice for the minimum security to meet PCI and HIPAA compliance and protect patient data.

The exact cause of the loss has not been disclosed, and Vernon Guidry, a spokesman for Science Applications International (SAIC), the organization that reported the breach, has confirmed that it was “not an electronic breach” but “a loss of magnetic storage media.”

More Read

The Importance of Baseline Metrics
A Guide to Dealing with Dementia
Psychable Explains How Much Ketamine Therapy Costs
Benefits of Private Cloud Computing: Compliant & Cost-Effective
2012 Health IT Cloud Computing: Private Clouds Dominate

Cases such as these present an opportunity for lessons learned – always go with encryption when it comes to storing or transmitting sensitive data, and when outsourcing your offsite backup and data storage to an IT contractor, make sure they have HIPAA/HITECH regulated policies and procedures in place.

Get more information about policies, procedures and audits a HIPAA compliant data center should have in place, or watch our previously recorded HIPAA webinar to hear our guest speaker Attorney Tatiana Melnik explain the legal implications of HITECH/HIPAA.

Sources:
TRICARE Breach Affects 4.9 Million
Official TRICARE Data Breach Statement
Data Breach Exposes 4.9 Million TRICARE Patients

  

TAGGED:
Share This Article

Stay Connected

Latest News

Veneers vs. Crowns vs. Bonding: Understanding Cosmetic Options
Veneers vs. Crowns vs. Bonding: Understanding Cosmetic Options
Dental health Specialties
dental implants
Dental Implants and Quality of Life: What the Outcomes Data Shows
Dental health Specialties
Why Outpatient Addiction Treatment Works Better Than Most People Expect
Addiction Addiction Recovery
grief affects brain
How Grief Affects The Brain And Body
Infographics Mental Health

You Might also Like